Re: [gnso-ff-pdp-may08] Solutions - Trusted abuse reporting

[Marc Perkel <marc@xxxxxxxxxx>]

I would agree. My general idea is based on trusted reporters. How that 
is implemented (SSL) is for the sharp people to figure out. Just so long 
as it's easy and it works.
Dave Piscitello wrote:
> I like this better than a general access proposal that accommodates 
> special DNS queries. By this I mean, "put the DNS client that queries 
> for the special information Mark seeks behind an SSL gateway" and 
> don't make it available for general access and abuse.
> I also think that the WDPRS servers could provide a similar "trusted 
> access" with perhaps some form of bulk submission of questionable 
> registration records.
> However, I don't think email is the right method. Authenticated 
> clients via SSL to a query system behind an SSL server is the model I 
> would propose. You can implement almost any internet service through 
> an SSL appliance/server with multi-factor authentication, granular 
> access controls. Since we would not be talking about tens of thousands 
> of accredited responders, the footprint of such an implementation is 
> manageable even for registrars who fall into the SMB category.
>
> On 8/1/08 10:40 AM, "Marc Perkel" <marc@xxxxxxxxxx> wrote:
>
>
>
>     OK - this is sort of a raw idea - but I was thinking about having an
>     abuse system that is sort of closed to trusted abuse reporters.
>     That way
>     the spammers can't spam the abuse reporting system. This closed system
>     will be available for legit abuse reporting participants such as spam
>     filtering companies (like myself), large email systems, or anyone who
>     shows they are a trusted source for automated abuse reporting.
>
>     Each registrar would have a standard abuse email address something
>     like
>     domain-abuse@xxxxxxxxxxxx - but that email address will only accept
>     email from members, so spammers can't spam it.
>
>     Membership will be controlled by a DNS based host list that counts on
>     the Forward confirmed RDNS of the host, which can't be faked. For
>     example, if we were in the list then it would accept email from
>     *.junkemailfilter.com., or *.yahoo.com.
>
>     Registrars receiving this email might be able to automate it if
>     everyone
>     stuck to a standard like the ARF standard.
>
>     Anyhow - the idea here is a standard way of reporting for members only
>     so that problems will get the attention of registrars quickly. If a
>     registrar starts getting thousands of automated complaints from
>     multiple
>     trusted sources then that would be a good alert.